CVE-2011-1491

Source
https://nvd.nist.gov/vuln/detail/CVE-2011-1491
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-1491.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2011-1491
Published
2011-04-08T15:17:28Z
Modified
2025-08-09T19:01:28Z
Summary
[none]
Details

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then compose an e-mail message, related to a "login CSRF" issue.

References

Affected packages